The CDN provider Cloudflare addresses a phenomenon that should not be new to developers. Once developers have linked the required libraries such as jQuery in the head of the respective website, they remain permanently in operation in the linked version. There is usually no update strategy.
The static state of common JS libraries
Cloudflare was able to prove this with the help of the jQuery library and the animation library Tweenmax via the hosting service CDNJS. With both libraries it was found that old, even very old versions still receive requests to a significant extent.
Although Cloudflare has always been able to determine increasing usage figures for the current versions, these increasing numbers were not accompanied by falling values for old versions. This confirms the impression that once implemented libraries remain in the project forever, at least until they become dysfunctional for other reasons.
Cloudflare does not offer explanations, but the following factors could be decisive for the phenomenon.
The 3 ways to integrate a JS library
The alternative to a CDN is to store the required libraries on the project’s web server and integrate them from there, or to access the library’s official repository via a link, although not every library allows or even provides for this.
The problem: Set it and forget it
Low update motivation understandable for two reasons
In classic creation processes, there are essentially two problems. Often times, the developer is paid to provide a website. Once finished and handed over, neither the customer nor the developer bother.
The second problem is that so-called breaking changes can occur in the course of updating JS libraries. That means the updated library would require further changes to the website in order for it to work as before.
It is precisely this second point that customers usually cannot understand. You have paid for a website that works and you are now supposed to pay for adjustments to keep it working as before. For his part, the developer is not over-motivated to make changes that can lead to strange behavior in previously functional processes.
Disadvantages of CDN and other third-party hosters
For the developer, the worst case scenario would be an automatic integration of the latest version of a library. This means that he loses all control over the uptime forecast of the websites he is responsible for. Who wants to be rang out of bed by customers at three o’clock in the morning because their online shop has given up the ghost?
Current libraries only on the agenda for large-scale and own projects
Things look different when developers oversee their own projects or are outsourcing employees who are responsible for the operation of one or more websites. Here, too, external integration will not be the first choice because of the additional requests, the latency that cannot be controlled and the possible security problems.
But the to-do list will definitely state that the libraries used are checked for up-to-dateness at least at defined time intervals and, if in doubt, adjusted.
How do you deal with the topic?